Skills
skills/ashe-li/agent-skills/update/Gen Agent Trust Hub

update

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses and modifies platform-specific directories including ~/.claude/projects/, ~/.claude/skills/, and ~/.claude/MEMORY.md. These paths contain sensitive agent state, project-specific memory, and custom skills.
  • [PROMPT_INJECTION]:
  • Ingestion points: Processes untrusted data from git diff output and various project files such as docs/, README.md, and research/.
  • Boundary markers: The instructions do not define specific delimiters or instructions to ignore potential commands embedded within the processed project files.
  • Capability inventory: The skill has access to Bash, Write, Edit, and the ability to trigger sub-agents (doc-updater, code-reviewer) that possess their own toolsets.
  • Sanitization: No specific sanitization or validation of content extracted from project files is mentioned before the data is written to documentation or platform memory.
  • Mitigation: Robust Human-In-The-Loop (HITL) checkpoints are integrated throughout the process, requiring explicit user approval via AskUserQuestion before any modifications are committed to files or memory.
  • [COMMAND_EXECUTION]: Employs Bash for git operations and dynamically determines file paths for project memory storage using a hashing rule applied to the project's absolute path. It also uses the Agent and Skill tools to dynamically invoke other components of the environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 02:13 AM